> ## Documentation Index
> Fetch the complete documentation index at: https://help.freakhosting.com/llms.txt
> Use this file to discover all available pages before exploring further.

# How to Enable 2FA on the VPS Panel

> Protect your FREAKHOSTING VPS Control Panel account with TOTP-based two-factor authentication, backup codes, and trusted device management.

## Securing Your Account with Two-Factor Authentication

Passwords can be guessed, phished, or leaked in data breaches. Two-Factor Authentication (2FA) solves this by requiring a second proof of identity — a time-based code from your phone — every time you log in. Even if someone steals your password, they still cannot get into your account without that code.

Think of it like this: your password is the key to your front door, and 2FA is the deadbolt. Both need to be unlocked to get in.

<CardGroup cols={2}>
  <Card title="Difficulty" icon="gauge-low">
    Beginner
  </Card>

  <Card title="Time" icon="clock">
    5 Minutes
  </Card>
</CardGroup>

***

## What You Will Need

Before you start, download an authenticator app on your phone. Any **TOTP** (Time-based One-Time Password) app will work. Here are the most popular options:

| App                         | Platform              | Notes                                       |
| --------------------------- | --------------------- | ------------------------------------------- |
| **Google Authenticator**    | iOS, Android          | Simple, no account needed, free             |
| **Authy**                   | iOS, Android, Desktop | Supports cloud backup and multi-device sync |
| **Microsoft Authenticator** | iOS, Android          | Good if you already use Microsoft services  |
| **1Password**               | iOS, Android, Desktop | Built into the password manager             |
| **Bitwarden**               | iOS, Android, Desktop | Built into the free password manager        |

If you are not sure which to pick: **Google Authenticator** is the simplest choice, while **Authy** is the safest if you worry about losing your phone since it can back up your codes to the cloud.

***

## Enabling Two-Factor Authentication

<Steps>
  <Step title="Navigate to Account Settings">
    Click on **Account** in the top navigation bar of the control panel.
  </Step>

  <Step title="Open the Two-Factor Authentication Tab">
    Click on the **Two-factor Authentication** tab in the account settings navigation.
  </Step>

  <Step title="Begin Activation">
    If 2FA is not yet enabled, you will see an option to activate it. Click the **Activate** button to begin the setup process.
  </Step>

  <Step title="Scan the QR Code with Your Authenticator App">
    A QR code will appear on screen. Open your authenticator app and scan it:

    * **Google Authenticator:** Tap the **+** button, then **Scan a QR code**
    * **Authy:** Tap **Add Account**, then **Scan QR Code**
    * **Microsoft Authenticator:** Tap **+**, choose **Other account**, then scan
    * **1Password / Bitwarden:** Edit the login entry for FREAKHOSTING and add a one-time password field, then scan

    Once scanned, your app will show an entry labeled something like **FREAKHOSTING** or **cloud.freakhosting.com** with a 6-digit code that refreshes every 30 seconds.

    **Can't scan the QR code?** Most setup screens also provide a manual entry key — a long text string you can type into your authenticator app instead of scanning.
  </Step>

  <Step title="Enter the Verification Code">
    Your authenticator app is now generating 6-digit codes that change every 30 seconds. Type the **current code** into the verification field on screen and confirm. This proves the link between your account and your app is working correctly.

    **Tip:** If the code does not work, wait for the next one. Codes expire quickly, and if you type one right as it is about to change, it may be rejected.
  </Step>

  <Step title="Save Your Backup Codes Immediately">
    After activation, you will be given a set of **one-time backup codes**. These are your emergency access method if you ever lose your phone or cannot open your authenticator app.

    **Do this right now:**

    * Copy them to your password manager
    * Print them and store the paper in a safe place
    * Save them in an encrypted file

    Do **not** store them in an unprotected note on your phone (the same device with your authenticator app — if you lose the phone, you lose both).
  </Step>
</Steps>

<Important>
  Your backup codes are shown **only once** during the setup process. If you lose both your authenticator device and your backup codes, you will need to contact FREAKHOSTING support for manual identity verification and account recovery. Save them now — future you will thank present you.
</Important>

***

## Managing Backup Codes

Backup codes are one-time-use codes that let you log in when your authenticator app is unavailable — dead phone, lost device, factory reset, you name it. Here is how they work after 2FA is enabled:

* Click the **Backup codes** button on the Two-factor Authentication page to view or regenerate your codes.
* Each backup code can only be used **once**. After you use one, it is permanently crossed off the list.
* If you are running low on codes (or if you suspect someone else has seen them), regenerate a new set immediately. This invalidates all previous codes.

**Pro tip:** Keep a count of how many backup codes you have left. If you are down to your last one or two, regenerate a fresh batch before you actually need them in an emergency.

***

## Managing Trusted Devices

Typing a 2FA code every single time you log in from your home computer can get tedious. When you log in with 2FA, you may have the option to **trust the device** so that particular browser skips the 2FA prompt for a set number of days.

The Two-factor Authentication page shows a **Trusted Devices** table with details about each device you have marked as trusted:

| Column         | Description                                                                 |
| -------------- | --------------------------------------------------------------------------- |
| **Device**     | The type of device (e.g., Apple Mac, Apple iPhone, Windows PC)              |
| **OS**         | The operating system and version                                            |
| **Browser**    | The browser name and version used                                           |
| **IP Address** | The IP address from which the device last connected                         |
| **Last Used**  | How recently the trusted device was used to log in                          |
| **Expires**    | The number of days remaining before trust expires and 2FA is required again |

### Reviewing and Removing Trusted Devices

* To remove a **single** trusted device, click the **Remove** button next to that specific device entry.
* To remove **all** trusted devices at once, click the **Remove All** button. This forces 2FA verification on the next login from every device.

<Tip>
  Make it a habit to glance at your trusted devices list every few weeks. If you spot a device you do not recognize — an unfamiliar IP address, browser, or operating system — remove it immediately, change your password, and regenerate your backup codes as a precaution.
</Tip>

***

## Deactivating Two-Factor Authentication

If you need to disable 2FA temporarily (for example, when switching to a new phone or a different authenticator app):

<Steps>
  <Step title="Navigate to the Two-Factor Authentication Tab">
    Go to **Account** > **Two-factor Authentication**.
  </Step>

  <Step title="Click Deactivate">
    Click the **Deactivate** button. You may be prompted to confirm your decision.
  </Step>

  <Step title="Re-Enable on Your New Device">
    After deactivating, set up 2FA again immediately by following the activation steps above with your new authenticator app. The window where 2FA is disabled is a window of reduced security — keep it as short as possible.
  </Step>
</Steps>

<Important>
  Some FREAKHOSTING accounts may require two-factor authentication to remain active at all times based on your plan or administrative policy. If this applies to your account, you will need to re-activate 2FA immediately after deactivating it.
</Important>

***

<AccordionGroup>
  <Accordion title="Which authenticator apps are supported?">
    Any app that supports the **TOTP** (Time-based One-Time Password) standard will work. This includes Google Authenticator, Authy, Microsoft Authenticator, 1Password, Bitwarden, and many others. Hardware keys like YubiKey with TOTP support also work.
  </Accordion>

  <Accordion title="What happens if I lose my phone?">
    Use one of your saved **backup codes** to log in. Each backup code works once. If you have no backup codes remaining, contact FREAKHOSTING support — they will verify your identity through alternative means and help you regain access.
  </Accordion>

  <Accordion title="Can I use the same authenticator app for multiple accounts?">
    Absolutely. Most authenticator apps support unlimited accounts. Each one shows as a separate entry with its own 6-digit code. Just make sure you label them clearly so you do not mix up which code goes where.
  </Accordion>

  <Accordion title="Why is my code being rejected?">
    TOTP codes are time-sensitive — they change every 30 seconds. If your phone's clock is off by even a minute, the codes will not match. Make sure your phone's time is set to **automatic** (synced with network time). On iPhone, go to Settings > General > Date & Time > Set Automatically. On Android, go to Settings > System > Date & Time > Set time automatically.
  </Accordion>

  <Accordion title="I switched phones — how do I move my 2FA?">
    The cleanest approach is to deactivate 2FA on your account, then re-activate it and scan the new QR code with your new phone. If you use **Authy**, it has built-in multi-device support that can sync your tokens to a new device automatically. Google Authenticator also supports account transfers between devices through its export feature.
  </Accordion>
</AccordionGroup>

***

<Note>
  ### Need Extra Help?

  If you encounter any issues, our support team is ready to assist:

  * **Live Chat:** Quick assistance via our website.
  * **Support Ticket:** [Open a Ticket](https://freakhosting.com/clientarea/submitticket.php)
  * **Discord:** [Join our Community](https://discord.gg/freakhosting)
  * **Email:** [support@freakhosting.com](mailto:support@freakhosting.com)
</Note>

<Tip>
  ### Save on Your Hosting

  Ready to get a new server? Use code **KB20** at checkout for **20% off** your first month!
</Tip>

***

<div align="center">
  **Last Updated:** March 2026 | **VPS Support:** Two-factor authentication simplified.
</div>
